This page collects WhisperX intelligence signals tagged #extortion. It is designed for humans, search engines, and AI agents: each item links to a canonical source-backed record with sector, source, timestamp, credibility, and exportable structured data.
A prolific data ransom gang calling itself Scattered Lapsus ShinyHunters (SLSH) employs a distinctive and aggressive extortion playbook. Unlike traditional, regimented ransomware groups, SLSH is an unruly, fluid English-language gang that focuses on harassing, threatening, and even swatting executives and their familie...
Infinite Campus, a major U.S. K-12 student information system provider, has confirmed a data breach after the ShinyHunters extortion group threatened to leak stolen data. The company disclosed that the incident stemmed from the compromise of an employee's Salesforce account, which attackers used to access information. ...
The ShinyHunters cybercrime gang has targeted Las Vegas hospitality and casino giant Wynn Resorts, demanding a $1.5 million ransom to prevent the leak of a massive trove of sensitive employee data. The group claims to have stolen over 800,000 records containing employees' Social Security numbers, salaries, and other pr...
A significant data breach at business analytics firm Anodot has left more than a dozen of its corporate customers facing extortion demands. The attack, which targeted Anodot's systems, successfully exfiltrated sensitive data, placing major companies like Rockstar Games in the crosshairs of cybercriminals. This incident...
Cryptocurrency exchange Kraken is under direct extortion pressure, with an attacker demanding payment in exchange for stolen customer data. The exchange has publicly refused to negotiate or pay the ransom, framing the incident as a criminal extortion attempt rather than a standard security breach. This stance puts Krak...
Kraken, a major cryptocurrency exchange, is under active extortion by a criminal group threatening to release videos of its internal systems containing sensitive client data. The company's Chief Security Officer, Nick Percoco, confirmed the attack, revealing that the breach originated from within: two instances of staf...
Kraken, one of the world's oldest and largest cryptocurrency exchanges, is under direct pressure from a criminal group claiming to have accessed sensitive customer account information. The group is now attempting to extort the company, signaling a significant security incident that directly threatens user privacy and p...
A Latvian national who operated as a specialized "cold case" negotiator for the Karakurt extortion syndicate has been sentenced to nearly nine years in federal prison, marking a significant prosecution of a ransomware operative who weaponized deeply personal information—including children's medical records—to coerce vi...
Ransomware operation Leak Bazaar has posted Katahdin Technology to its dark web leak portal, signaling the company as a target in an ongoing extortion campaign. The listing appeared on ransom monitoring platforms, though details about the scope of any breach, data volumes involved, or specific ransom demands remain und...
Ransomware operator Killsec3 has publicly identified Mrs Holdings as a target, posting the organization's name to its dark web portal in what appears to be a newly claimed victim. The announcement was surfaced through ransomware monitoring channels, directing observers to the group's listing page for further details. T...
The ransomware group known as Genesis has published a new post referencing Prescott & Holden, signaling potential targeting or exposure of the entity. The posting appeared on the group's infrastructure tracked through ransomlook.io, a platform monitoring ransomware leak sites and extortion operations. The specific natu...
A man wearing smart glasses secretly recorded a woman and then demanded payment to delete the footage from his social media accounts, exposing a disturbing escalation in how consumer wearable technology can be weaponized for exploitation. The incident transforms smart glasses from a passive privacy concern into an acti...
A fresh wave of ransomware listings has appeared on Ransomware.live, potentially disrupting the weekend for three organizations across healthcare and technology sectors. The newly posted entries name CarePoint Health, The American Board of Preventive Medicine, and Calsoft Inc. as claimed victims, signaling active extor...
Two ransomware operations have published new claimed victims on their dark web leak sites, signaling fresh extortion activity across multiple sectors. The groups, identified as "Pear" and "Lynx," posted three organizations in total, marking an escalation in their respective campaigns and providing fresh indicators for ...
The intersection of digital crime and physical danger has reached a critical threshold. According to research by the U.S. FBI and cybersecurity firm Semperis, 46% of ransomware attacks targeting American organizations in 2025 included explicit threats of violence against employees—a figure that underscores how cyber ex...
Instructure, the parent company of the Canvas learning platform, has confirmed two separate unauthorized intrusions within two weeks after the ShinyHunters extortion group claimed responsibility and set a pay-or-leak deadline for data allegedly belonging to more than 275 million students, teachers, and staff tied to ne...
A ransomware group has publicly claimed responsibility for breaching the systems of Foxconn, the global electronics manufacturing giant that produces devices for Apple, Google, Nvidia, and other major technology companies. The group is reportedly attempting to extort the company, threatening to publish stolen data or d...